Help! Avast Mail Scanner icon keeps popping up on taskbar with an ip address

I wonder if anyone can assist me?

On my windows taskbar recently ive noticed that avast mail scanner shows an ip address: 192.204.98.150

I’m just wondering (since im a noob wif networks) if this is a sign of an attempted hack/spyware?

It’s happened before with another ip, tracked it down to a chinese ip address.

Can anyone tell me if my fears are unfounded?

Thx

What exactly does the message say - can you post a screenshot maybe?

Does this ring any bells (see whois below), is it your ISP or one of your email accounts ?

A whois check doesn’t show this as a chinese ip address but an American one ?

Querying whois.arin.net:43 for 192.204.98.150...

OrgName: NTT America, Inc.
OrgID: NTTAM-1
Address:
Address:
City: Centennial
StateProv: CO
PostalCode:
Country: US

ReferralServer: rwhois://rwhois.verio.net:4321/

NetRange: 192.204.0.0 - 192.204.255.255
CIDR: 192.204.0.0/16
NetName: NTTA-192-204
NetHandle: NET-192-204-0-0-1
Parent: NET-192-0-0-0-0
NetType: Direct Allocation
NameServer: NS0.VERIO.NET
NameServer: NS1.VERIO.NET
NameServer: NS2.VERIO.NET
NameServer: NS3.VERIO.NET
NameServer: NS4.VERIO.NET

Sadly i can’t post a screenie 'cos its rather intermittent, hence why i suspect it could be a attempted hack.

And yeah, i checked it using the whois servers and this is what i got:

This is the RIPE Whois query server #2.
% The objects are in RPSL format.
%
% Note: the default output of the RIPE Whois server
% is changed. Your tools may need to be adjusted. See
% http://www.ripe.net/db/news/abuse-proposal-20050331.html
% for more details.
%
% Rights restricted by copyright.
% See http://www.ripe.net/db/copyright.html

% Information related to ‘194.204.98.0 - 194.204.98.255’

inetnum: 194.204.98.0 - 194.204.98.255
netname: WALDONET
descr: WALDONET LTD.
country: MT
admin-c: CL999-RIPE
tech-c: AC26-RIPE
status: ASSIGNED PA
mnt-by: WALDONET-MNT
changed: **********@waldonet.net.mt 20051130
source: RIPE

As you can see this is definitely not my email acct or ISP since my ISP is in Australia. And oops my apologies, the IP should be 194.204.98.150

I suggest:

  1. Disable System Restore on Windows XP: http://support.microsoft.com/default.aspx?scid=kb;[LN];310405
  2. Clean your temporary files.
  3. Schedule a boot time scanning with avast. Start avast! > Right click the skin > Schedule a boot-time scanning. Select for scanning archives. Boot.
  4. Use a-squared, Free AVG Antispyware, SUPERantispyware or Spyware Terminator (trojan removers).

And post the results…